An efficient intrusion detection method using federated transfer learning and support vector machine with privacy-preserving

In recent decades, network security for organizations and individuals has become more and more important, and intrusion detection systems play a key role in protecting network security. To improve intrusion detection effect, different machine learning techniques have been widely applied and achieved exciting results. However, the premise that these methods achieve reliable results is that there are enough available and well-labeled training data, training and test data being from the same distribution. In real life, the limited label data generated by a single organization is not enough to train a reliable learning model, and the distribution of data collected by different organizations is difficult to be the same. In addition, various organizations protect their privacy and data security through data islands. Therefore, this paper proposes an efficient intrusion detection method using transfer learning and support vector machine with privacy-preserving (FETLSVMP). FETLSVMP performs aggregation of data distributed in various organizations through federated learning, then utilizes transfer learning and support vector machines build personalized models for each organization. Specifically, FETLSVMP first builds a transfer support vector machine model to solve the problem of data distribution differences among various organizations; then, under the mechanism of federated learning, the model is used for learning without sharing training data on each organization to protect data privacy; finally, the intrusion detection model is obtained with protecting the privacy of data. Experiments are carried out on NSL-KDD, KDD CUP99 and ISCX2012, the experimental results verify that the proposed method can achieve better results of detection and robust performance, especially for small samples and emerging intrusion behaviors, and have the ability to protect data privacy.